[BC] IP address blocking
Cowboy
curt at spam-o-matic.net
Thu May 15 21:21:43 CDT 2008
On Thursday 15 May 2008 07:38 pm, Craig Healy wrote:
> > HOWEVER, how you block a range depends entirely on your firewall, what
> > it's capable of, and what it's not capable of.
> > Some will, some won't, and some can be made to by port-forwarding all
> > ports to the bit-bucket.
> >
> > What's the firewall ?
>
> Considering the Sonicwall TZ180 or TZ190, depending if the want a WiFi
> connection or not. The client has both a Cox static IP business connection
> and a dynamic IP Verizon DSL for backup. The OPT port will do failover.
> The sales guy has simply ignored any questions about blocking IP addresses.
>
> In this application they do need some ports forwarded to various machines.
> The idea also is to block outbound connections to the forbidden addresses,
> not just inbound. They want to protect their employees from malware links
> and the like.
It's been a long time since I've been in a SonicWall, but they were a very well
done firewall appliance, with quite a few capabilities not well understood
back then. I'm relatively certain it can do the incoming.
Not sure about the outgoing.
If I remember correctly, you can do what you seek through some creative
routing. ( establishing a route for a block of addresses that essentially doesn't
go anywhere, in or out )
I'll hafta see if I can find docs on their line again.
--
Cowboy
More information about the Broadcast
mailing list